feat: 更新删除评论逻辑，增加对目标内容所有者的权限检查；添加编辑者角色常量

2025-09-26 02:56:22 +00:00 · 2025-09-13 23:46:07 +08:00
parent 8be05cd9c2
commit 78cc596544
2 changed files with 11 additions and 2 deletions
--- a/internal/service/comment.go
+++ b/internal/service/comment.go
@ -95,7 +95,15 @@ func (cs *CommentService) DeleteComment(ctx context.Context, commentID string) e
 		return errs.New(errs.ErrNotFound.Code, "comment not found", err)
 	}

-	if comment.UserID != currentUser.ID {
+	isTargetOwner := false
+	if comment.TargetType == constant.TargetTypePost {
+		post, err := repo.Post.GetPostByID(strconv.Itoa(int(comment.TargetID)))
+		if err == nil && post.UserID == currentUser.ID {
+			isTargetOwner = true
+		}
+	}
+
+	if comment.UserID != currentUser.ID || isTargetOwner {
 		return errs.ErrForbidden
 	}

--- a/pkg/constant/constant.go
+++ b/pkg/constant/constant.go
@ -8,7 +8,8 @@ const (
  ContextKeyUserID                       = "user_id"   // 上下文键：用户ID
  ModeDev                                = "dev"
  ModeProd                               = "prod"
-  RoleUser                               = "user"
+  RoleUser                               = "user"   // 普通用户 仅有阅读和评论权限
+  RoleEditor                             = "editor" // 能够发布和管理自己内容的用户
  RoleAdmin                              = "admin"
  EnvKeyBaseUrl                          = "BASE_URL"                             // 环境变量：基础URL
  EnvKeyCaptchaProvider                  = "CAPTCHA_PROVIDER"                     // captcha提供者